| praudit.c (185573) | praudit.c (243750) |
|---|---|
| 1/*- | 1/*- |
| 2 * Copyright (c) 2004-2008 Apple Inc. | 2 * Copyright (c) 2004-2009 Apple Inc. |
| 3 * Copyright (c) 2006 Martin Voros 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. | 3 * Copyright (c) 2006 Martin Voros 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. |
| 14 * 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of | 14 * 3. Neither the name of Apple Inc. ("Apple") nor the names of |
| 15 * its contributors may be used to endorse or promote products derived 16 * from this software without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND 19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21 * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR 22 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 26 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 27 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 28 * POSSIBILITY OF SUCH DAMAGE. 29 * | 15 * its contributors may be used to endorse or promote products derived 16 * from this software without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND 19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21 * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR 22 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 26 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 27 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 28 * POSSIBILITY OF SUCH DAMAGE. 29 * |
| 30 * $P4: //depot/projects/trustedbsd/openbsm/bin/praudit/praudit.c#14 $ | 30 * $P4: //depot/projects/trustedbsd/openbsm/bin/praudit/praudit.c#16 $ |
| 31 */ 32 33/* 34 * Tool used to parse audit records conforming to the BSM structure. 35 */ 36 37/* | 31 */ 32 33/* 34 * Tool used to parse audit records conforming to the BSM structure. 35 */ 36 37/* |
| 38 * praudit [-lpx] [-r | -s] [-d del] [file ...] | 38 * praudit [-lnpx] [-r | -s] [-d del] [file ...] |
| 39 */ 40 41#include <bsm/libbsm.h> 42 43#include <stdio.h> 44#include <stdlib.h> 45#include <unistd.h> 46 47extern char *optarg; 48extern int optind, optopt, opterr,optreset; 49 50static char *del = ","; /* Default delimiter. */ 51static int oneline = 0; | 39 */ 40 41#include <bsm/libbsm.h> 42 43#include <stdio.h> 44#include <stdlib.h> 45#include <unistd.h> 46 47extern char *optarg; 48extern int optind, optopt, opterr,optreset; 49 50static char *del = ","; /* Default delimiter. */ 51static int oneline = 0; |
| 52static int raw = 0; 53static int shortfrm = 0; | |
| 54static int partial = 0; | 52static int partial = 0; |
| 55static int xml = 0; | 53static int oflags = AU_OFLAG_NONE; |
| 56 57static void 58usage(void) 59{ 60 | 54 55static void 56usage(void) 57{ 58 |
| 61 fprintf(stderr, "usage: praudit [-lpx] [-r | -s] [-d del] " | 59 fprintf(stderr, "usage: praudit [-lnpx] [-r | -s] [-d del] " |
| 62 "[file ...]\n"); 63 exit(1); 64} 65 66/* 67 * Token printing for each token type . 68 */ 69static int --- 16 unchanged lines hidden (view full) --- 86 87 while ((reclen = au_read_rec(fp, &buf)) != -1) { 88 bytesread = 0; 89 while (bytesread < reclen) { 90 /* Is this an incomplete record? */ 91 if (-1 == au_fetch_tok(&tok, buf + bytesread, 92 reclen - bytesread)) 93 break; | 60 "[file ...]\n"); 61 exit(1); 62} 63 64/* 65 * Token printing for each token type . 66 */ 67static int --- 16 unchanged lines hidden (view full) --- 84 85 while ((reclen = au_read_rec(fp, &buf)) != -1) { 86 bytesread = 0; 87 while (bytesread < reclen) { 88 /* Is this an incomplete record? */ 89 if (-1 == au_fetch_tok(&tok, buf + bytesread, 90 reclen - bytesread)) 91 break; |
| 94 if (xml) 95 au_print_tok_xml(stdout, &tok, del, raw, 96 shortfrm); 97 else 98 au_print_tok(stdout, &tok, del, raw, 99 shortfrm); | 92 au_print_flags_tok(stdout, &tok, del, oflags); |
| 100 bytesread += tok.len; 101 if (oneline) { | 93 bytesread += tok.len; 94 if (oneline) { |
| 102 if (!xml) | 95 if (!(oflags & AU_OFLAG_XML)) |
| 103 printf("%s", del); 104 } else 105 printf("\n"); 106 } 107 free(buf); 108 if (oneline) 109 printf("\n"); 110 fflush(stdout); 111 } 112 return (0); 113} 114 115int 116main(int argc, char **argv) 117{ 118 int ch; 119 int i; 120 FILE *fp; 121 | 96 printf("%s", del); 97 } else 98 printf("\n"); 99 } 100 free(buf); 101 if (oneline) 102 printf("\n"); 103 fflush(stdout); 104 } 105 return (0); 106} 107 108int 109main(int argc, char **argv) 110{ 111 int ch; 112 int i; 113 FILE *fp; 114 |
| 122 while ((ch = getopt(argc, argv, "d:lprsx")) != -1) { | 115 while ((ch = getopt(argc, argv, "d:lnprsx")) != -1) { |
| 123 switch(ch) { 124 case 'd': 125 del = optarg; 126 break; 127 128 case 'l': 129 oneline = 1; 130 break; 131 | 116 switch(ch) { 117 case 'd': 118 del = optarg; 119 break; 120 121 case 'l': 122 oneline = 1; 123 break; 124 |
| 125 case 'n': 126 oflags |= AU_OFLAG_NORESOLVE; 127 break; 128 |
|
| 132 case 'p': 133 partial = 1; 134 break; 135 136 case 'r': | 129 case 'p': 130 partial = 1; 131 break; 132 133 case 'r': |
| 137 if (shortfrm) | 134 if (oflags & AU_OFLAG_SHORT) |
| 138 usage(); /* Exclusive from shortfrm. */ | 135 usage(); /* Exclusive from shortfrm. */ |
| 139 raw = 1; | 136 oflags |= AU_OFLAG_RAW; |
| 140 break; 141 142 case 's': | 137 break; 138 139 case 's': |
| 143 if (raw) | 140 if (oflags & AU_OFLAG_RAW) |
| 144 usage(); /* Exclusive from raw. */ | 141 usage(); /* Exclusive from raw. */ |
| 145 shortfrm = 1; | 142 oflags |= AU_OFLAG_SHORT; |
| 146 break; 147 148 case 'x': | 143 break; 144 145 case 'x': |
| 149 xml = 1; | 146 oflags |= AU_OFLAG_XML; |
| 150 break; 151 152 case '?': 153 default: 154 usage(); 155 } 156 } 157 | 147 break; 148 149 case '?': 150 default: 151 usage(); 152 } 153 } 154 |
| 158 if (xml) | 155 if (oflags & AU_OFLAG_XML) |
| 159 au_print_xml_header(stdout); 160 161 /* For each of the files passed as arguments dump the contents. */ 162 if (optind == argc) { 163 print_tokens(stdin); 164 return (1); 165 } 166 for (i = optind; i < argc; i++) { 167 fp = fopen(argv[i], "r"); 168 if ((fp == NULL) || (print_tokens(fp) == -1)) 169 perror(argv[i]); 170 if (fp != NULL) 171 fclose(fp); 172 } 173 | 156 au_print_xml_header(stdout); 157 158 /* For each of the files passed as arguments dump the contents. */ 159 if (optind == argc) { 160 print_tokens(stdin); 161 return (1); 162 } 163 for (i = optind; i < argc; i++) { 164 fp = fopen(argv[i], "r"); 165 if ((fp == NULL) || (print_tokens(fp) == -1)) 166 perror(argv[i]); 167 if (fp != NULL) 168 fclose(fp); 169 } 170 |
| 174 if (xml) | 171 if (oflags & AU_OFLAG_XML) |
| 175 au_print_xml_footer(stdout); 176 177 return (1); 178} | 172 au_print_xml_footer(stdout); 173 174 return (1); 175} |